The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Game Rant

PC Gamers Have Until May 16 to Download 2024 Horror Game For Free and Keep It Forever

Joshua started at GameRant in 2017 where he fell in love with a company that supports creativity, treats video games with the respect they deserve, and is complete with people whose passions match his ...
Game Rant

Steam Users Have Until April 27 to Download 2024 Suspense Game 100% Free

Joshua started at GameRant in 2017 where he fell in love with a company that supports creativity, treats video games with the respect they deserve, and is complete with people whose passions match his ...
Comicbook.com

PC Game From 2024 Free on Steam for Few Days Only

A PC game from Steam is currently available for free, but on April 16 this will change. On April 16, the free Steam game will become a paid Steam game locked behind a purchase. The game in question ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just getting started. I am loath to inform you that the first month of 2026 has ...
New York Daily News

After Mamdani’s snow day plug, ‘Heated Rivalry’ book downloads surge at NY Public Library

The racy book series behind HBO’s smash “Heated Rivalry” got a major Mamdani bump in readership over the weekend — after the mayor recommended snowed-in New Yorkers download one of the hot-and-heavy ...
The New York Times

After Mamdani Nods to ‘Heated Rivalry,’ Library E-Book Downloads Surge

As a snowstorm arrived, Mayor Zohran Mamdani reminded New Yorkers that they could access the romance series that inspired the TV show through their public library. By Liam Stack Liam Stack has watched ...
cryptonews

Major JavaScript Library Breach Puts All Crypto Websites at Risk

Critical React Server Components flaw enables remote code execution, prompting urgent crypto industry warnings as attackers exploit CVE-2025-55182 to drain wallets and deploy malware across vulnerable ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now ...
Dark Reading

React2Shell Vulnerability Under Attack From China-Nexus Groups

A critical vulnerability affecting the popular open source JavaScript library React is under attack — by none other by Chinese nation-state threat actors. CVE-2025-55182, which was disclosed Wednesday ...